-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdelete.php
More file actions
50 lines (39 loc) · 1.5 KB
/
delete.php
File metadata and controls
50 lines (39 loc) · 1.5 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
<?php
error_reporting(E_ALL);
ini_set('display_errors', 'On');
// Connect database
include('connectdb.php');
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
// Retrieve inputs from the form
$searchTable = strtoupper(trim($_POST['search_table'] ?? ''));
$searchAttribute = strtoupper(trim($_POST['search_attribute'] ?? ''));
$searchValue = trim($_POST['search_value'] ?? '');
// Validate inputs
if (empty($searchTable) || empty($searchAttribute) || empty($searchValue)) {
echo "<p>Please provide all required inputs (table, search attribute, and search value).</p>";
exit;
}
// Construct the SQL DELETE query
$query = "DELETE FROM $searchTable WHERE $searchAttribute = :search_value";
// Prepare the statement
$stid = oci_parse($conn, $query);
if (!$stid) {
$error = oci_error($conn);
echo "<p>Error preparing query: " . htmlspecialchars($error['message']) . "</p>";
exit;
}
// Bind parameter to prevent SQL injection
oci_bind_by_name($stid, ':search_value', $searchValue);
// Execute the query
if (oci_execute($stid, OCI_NO_AUTO_COMMIT)) {
oci_commit($conn);
echo "<p>Row deleted successfully from table '$searchTable' where '$searchAttribute' = '$searchValue'.</p>";
} else {
$error = oci_error($stid);
echo "<p>Error executing delete query: " . htmlspecialchars($error['message']) . "</p>";
}
// Free the statement
oci_free_statement($stid);
}
oci_close($conn);
?>